Searching for "contact" or "numbers" can flag legitimate emails

[magnus-rattlehead]

A person may include contact details in their invoice in some cases. A regex only approach would not work alone. A machine learning model may also work better on less sophisticated scams. A list like this is also vulnerable to scammers simply changing the text. A machine learning model can be self-reinforcing: every time a new scam mail comes out the model can learn from it.

[SPorpora]

A starting point for detecting a potential scam is to look if the target email is contained in known database leaks.

[magnus-rattlehead]

I think this is out of scope for this project. This sounds like a thing email providers or other third party tools (like the aura sponsor) to implement

[codecat]

A starting point for detecting a potential scam is to look if the target email is contained in known database leaks.

This is specifically for "Paypal invoices", which are real emails sent by the real Paypal. Scammers send you invites with a custom "invoice note" which is what this repository does its best to detect.

So the email address will always be from the actual real Paypal.

[magnus-rattlehead]

This is specifically for "Paypal invoices", which are real emails sent by the real Paypal.
SPorpora implies that PayPal should check known database leaks before sending a potentially "sus" invoice. I think this is out of scope but I digress

[SPorpora]

The scammers send email based on lists of "clients", probably the lists come from leaks so if a email was leaked there is an higher probability of the invoice being a scam. There are a bunch of things that might suggest that the invoice could be a scam other than the text of the invoice. See the other issue i posted.

[codecat]

Everyone at some point is part of some database leak though 😅 The chance that your email is not in a leaked database is rather small.

[2br-2b]

Maybe partner with something like NoMoRobo to automatically search for suspicious email addresses?